﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using MvcApplication4.Models;

namespace MvcApplication4.Controllers
{
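    /// <summary>
    /// Login and logout endpoints. A logged-in user is represented by the
    /// <c>user_id</c> value stored in the ASP.NET session.
    /// </summary>
    public class SessionController : Controller
    {
        //
        // GET: /Session/Create

        /// <summary>
        /// Returns the HTML page that holds the login form.
        /// </summary>
        public ActionResult Create()
        {
            return View();
        }

        //
        // POST: /Session/Create

        // NOTE(review): MyAuthorize is declared elsewhere in the project. If it
        // requires an already authenticated session, nobody can reach this login
        // action - confirm that it is meant to be applied here.
        // NOTE(review): this POST has no [ValidateAntiForgeryToken]; adding it also
        // requires the login view to emit the matching token.
        /// <summary>
        /// Receives the posted login form and, when the credentials match a user,
        /// stores that user's id in the session.
        /// </summary>
        /// <param name="collection">Posted form values; reads "email" and "password".</param>
        /// <returns>
        /// A redirect to the "Index" action on success; the login view again when
        /// the credentials are missing, do not match, or the lookup fails.
        /// </returns>
        [HttpPost]
        [MyAuthorize]
        public ActionResult Create(FormCollection collection)
        {
            string email = collection["email"];
            string password = collection["password"];

            // Missing fields can never authenticate; do not hand them to the repository.
            if (string.IsNullOrEmpty(email) || string.IsNullOrEmpty(password))
            {
                return View();
            }

            try
            {
                UserRepository users = new UserRepository();
                User user = users.GetUserByEmailAndPassword(email, password);

                // Explicit rejection of unknown credentials. The original relied on a
                // NullReferenceException from user.Id being swallowed by a bare catch.
                if (user == null)
                {
                    return View();
                }

                // NOTE(review): the session id issued before login is kept after
                // login. Consider issuing a fresh session id at this point so a
                // pre-login id cannot be reused (session fixation).
                Session["user_id"] = user.Id;

                // NOTE(review): this controller defines no Index action in the visible
                // code - confirm the intended redirect target.
                return RedirectToAction("Index");
            }
            catch (Exception ex)
            {
                // Keep the best-effort behaviour (show the form again) but leave a
                // trace of the failure. The submitted credentials are not logged here.
                System.Diagnostics.Trace.TraceError("Login failed with an unexpected error: {0}", ex);
                return View();
            }
        }

        //
        // POST: /Session/Delete/5

        // NOTE(review): this POST has no [ValidateAntiForgeryToken]; adding it also
        // requires the logout form to emit the matching token.
        /// <summary>
        /// Logs the current user out by discarding the session.
        /// </summary>
        /// <param name="id">Route value; not used by this action.</param>
        /// <param name="collection">Posted form values; not used by this action.</param>
        /// <returns>A redirect to the "Index" action, or the view if clearing fails.</returns>
        [HttpPost]
        public ActionResult Delete(int id, FormCollection collection)
        {
            try
            {
                // Clear() only empties the stored values; Abandon() also ends the
                // server-side session so the old id no longer maps to any state.
                Session.Clear();
                Session.Abandon();

                return RedirectToAction("Index");
            }
            catch (Exception ex)
            {
                System.Diagnostics.Trace.TraceError("Logout failed with an unexpected error: {0}", ex);
                return View();
            }
        }
    }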
}
